PATENT ABSTRACTS OF JAPAN 



(11 Publication number: 11-231776 
(43)Date of publication of application : 27.08.1999 



(51)Int.CI. 




G09C 1/00 
G09C 1/00 
H04L 9/32 




(21 Application number : 


10-031560 


(71)Applicant : 


NIPPON TELEGR & TELEPH CORP <NTT> 


(22)Date of filing : 


13.02.1998 


(72)Inventor : 


SHIMADA MASAKAZU 








TOKUNAGA HIDETOSHI 








HOSHIKO TAKAYUKI 








YASUDA HITOSHI 



(54) METHOD AND DEVICE FOR ISSUING CERTIFICATE 

(57)Abstract: 

PROBLEM TO BE SOLVED: To confirm identity online and to issue a certificate certifying the public key of that 
person. 

SOLUTION: Certificate application information CRI contains secret information showing the identity such as a 
credit number, this CRI is made into CRI-S by adding a digital signature through a disposable secret key Ss1, this 
is enciphered into CRI-S-E by a random generation cryptographic key Er, a shared key SK is prepared by the 
disposable secret key Ss1 and a public key Ep of an application accepting device, Er is enciphered into Er-E by 
the SK and CRI-S- E, Er-E, public key Sp1 of the Ssl and public key Ep1 of the Es1 are sent to the application 
accepting device. At the accepting device, the SK is prepared by the secret keys Es2 and Ep1, the Er~E is 
deciphered by the SK, the CRI-S-E is deciphered by the Er and CRI-S is verified by the Sp1. In the case of 
successing, the legality of the secret information showing the identity in the CRI is confirmed and a certificate is 
issued. 
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■ * NOTICES * 

JPO and NCIPI are not responsible for any 
damages caused by the use of this translation. 

1 This document has been translated by computer. So the translation may not reflect the original 
precisely. 

2.**** shows the word which can not be translated. 
3.1n the drawings, any words are not translated. 

CLAIMS 



[Claim(s)] 

[Claim 1] Generally* certificate application equipment creates certificate application information including 
the information which only he cannot know. Furthermore, generate a disposable key and securityHzation 
of the above-mentioned certificate application information is performed using the disposable key. The 
above-mentioned disposable key, the disposable public key information that a pair is made, and the 
information security-ized [ above ] to certificate application acceptance equipment Then, delivery, 
Certificate application acceptance equipment verifies the information security-ized [ above ] using 
disposable public key information, and to certificate issue equipment, if the above-mentioned verification 
result is success, delivery and the above-mentioned certificate issue equipment the verification result 
And it is the certificate issue approach which does not perform issue of a certificate when a certificate 
is published and justification cannot be checked, if the justification of certificate application information 
is checked and the justification is checked, but is characterized by certificate issue equipment notifying 
the result of certificate issue procedure to certificate application equipment. 

[Claim 2] the above-mentioned disposable key — dispersion — a logarithm — with the private key in a 
system unsymmetrical key cipher system, and the disposable key for key delivery which consists of a 
pair of a public key It is the disposable key for digital signatures which consists of a pair of a private key 
and a public key, and disposable public key information is the above-mentioned disposable public key for 
key delivery, and the above-mentioned disposable public key for digital signatures. SecurityHzation of 
the above-mentioned certificate application information performs a digital signature with the disposable 
private key for digital signatures to the above-mentioned certificate application information. And it is 
enciphering the certificate application information with a signature with the key for encryption generated 
at random, and acquiring security-ized certificate application information. A share key is generated using 
the above-mentioned disposable private key for key delivery, and the public key for key delivery of the 
above-mentioned certificate application acceptance equipment, the above-mentioned key for encryption 
is enciphered with the above-mentioned share key, and the encryption information on an encryption key 
is generated. The above-mentioned security-ized certificate application information, The encryption 
information on the above-mentioned encryption key is added to the above-mentioned disposable public 
key information, and it considers as certificate application demand information. To the above-mentioned 
application acceptance equipment verification of delivery and the information security-ized [ above ] 
The above-mentioned beam above-mentioned certificate application demand information with a 
receptacle is divided into the encryption information and disposable public key information on the key 
for security-ized certificate application information encryption. A share key is generated using the 
above-mentioned disposable public key for key delivery, and the private key for key delivery of the 
certificate application acceptance equipment. Decrypt the encryption information on the above- 
mentioned key for encryption with the share key, decode security-ized certificate application 
information with the above-mentioned share key, and certificate application information and a digital 
signature are acquired. The certificate issue approach according to claim 1 characterized by being 
verifying certificate application information using the above-mentioned disposable public key for digital 
signatures. 
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4 [Claim 3] the above-mentioned disposable key — dispersion — a logarithm — with the private key in a 
system unsymmetrical key cipher system, and the disposable key for key delivery which consists of a 
pair of a public key It is the disposable key for digital signatures which consists of a pair of a private key 
and a public key. The above-mentioned disposable public key information They are the above-mentioned 
disposable public key for key delivery, and the above-mentioned disposable public key for digital 
signatures. A share key is generated using the above-mentioned disposable private key for key delivery, 
and the public key for key delivery of the above-mentioned certificate application acceptance equipment. 
Security-ization of the above-mentioned certificate application information The above-mentioned 
disposable private key for digital signatures performs a digital signature to the above-mentioned 
certificate application information. And verification of the information which is enciphering this 
certificate application information with a signature with the above-mentioned share key, and acquiring 
security-ized certificate application information, and was security-ized [ above ] The security-ized 
certificate application information and disposable public key information which were received are divided. 
Generate a share key using the disposable public key for key delivery and the private key for key 
delivery of certificate acceptance equipment in the above-mentioned public key information, and the 
above-mentioned security-ized certificate application information is decrypted with the share key. The 
certificate issue approach according to claim 1 characterized by being acquiring certificate application 
information with a signature and carrying out signature verification of this certificate application 
information with a signature using the disposable public key for a signature in the above-mentioned 
public key information. 

[Claim 4] A means to create certificate application information including the user information which has 
the extra sensitive information which shows this human nature, user key information, etc., a means to 
generate the disposable private key and public key for digital signatures, and dispersion — a logarithm - 

- with a means to generate the disposable private key and public key for key delivery in a system 
unsymmetrical key cipher system A means to generate the key for encryption at random, and a means 
to generate a share key using the private key of throwing away for [ above-mentioned ] key delivery, 
and the public key for key delivery of certificate application acceptance equipment, A means to perform 
a digital signature for the above-mentioned certificate application information using the above- 
mentioned disposable private key for digital signatures, A means to encipher the above-mentioned digital 
office naming certificate application information with the above-mentioned encryption key, and to 
generate security-ized certificate application information, A means to acquire the encryption key 
information enciphered by enciphering the above-mentioned encryption key with the above-mentioned 
common key, The above-mentioned security-ized certificate application information and the encryption 
key information by which encryption was carried out [ above-mentioned ], A means to transmit the 
above-mentioned disposable public key for digital signatures, and the above-mentioned disposable public 
key for key delivery to the above-mentioned certificate application acceptance equipment, Certificate 
application equipment possessing the control means which performs R/W of as opposed to a storage 
means in making each above-mentioned means process sequentially **** etc., and an above-mentioned 
storage means, to memorize information required for the above-mentioned processing. 

[Claim 5] A means to create certificate application information including the user information which has 
the extra sensitive information which shows this human nature, user key information, etc., a means to 
generate the disposable private key and public key for digital signatures, and dispersion — a logarithm - 

- with a means to generate the disposable private key and public key for key delivery in a system 
unsymmetrical key cipher system A means to generate a share key using the private key of throwing 
away for [ above-mentioned ] key delivery, and the public key for key delivery of certificate application 
acceptance equipment A means to perform a digital signature for the above-mentioned certificate 
application information using the above-mentioned disposable private key for digital signatures, A means 
to encipher the above-mentioned digital office naming certificate application information with the above- 
mentioned share key, and to generate security-ized certificate application information, The above- 
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mentioned security-ized certificate application information and the above-mentioned disposable public 
key for digital signatures, Certificate application equipment possessing a means to transmit the above- 
mentioned disposable public key for key delivery to the above-mentioned certificate application 
acceptance equipment, the control means which performs R/W of as opposed to a storage means in 
making each above-mentioned means process sequentially **** etc., and an above-mentioned storage 
means to memorize information required for the above-mentioned processing. 

[Claim 6] A means to generate the private key for key delivery, and a means to receive the certificate 
application demand information from certificate application equipment, The received certificate 
application demand information Security-ized certificate application information, The enciphered 
encryption key information and the disposable public key for digital signatures, A means to generate a 
share key using a means to divide into the disposable public key for key delivery, and the above- 
mentioned private key and the above-mentioned disposable public key for key delivery, A means to 
decrypt the encryption key information by which encryption was carried out [ above-mentioned ] with 
the above-mentioned share key, and to obtain an encryption key, A means to decrypt the above- 
mentioned security-ized certificate application information with the above-mentioned encryption key, 
and to acquire digital office naming certificate application information, A means to verify certificate 
application information for the above-mentioned digital office naming certificate application information 
using the above-mentioned disposable public key for digital signatures, Certificate application 
acceptance equipment possessing the control means which is made to process each above-mentioned 
means sequentially, and performs the R/W to a storage means etc., and an above-mentioned storage 
means to memorize information required for the above-mentioned processing. 

[Claim 7] A means to generate the private key for key delivery, and a means to receive the certificate 
application demand information from certificate application equipment, The received certificate 
application demand information Security-ized certificate application information, A means to divide into 
the disposable public key for digital signatures, and the disposable public key for key delivery, A means 
to generate a share key using the above-mentioned private key and the above-mentioned disposable 
public key for key delivery, A means to decrypt the above-mentioned security-ized certificate 
application information with the above-mentioned share key, and to acquire digital office naming 
certificate application information, A means to verify certificate application information for the above- 
mentioned digital office naming certificate application information using the above-mentioned disposable 
public key for digital signatures, Certificate application acceptance equipment possessing the control 
means which is made to process each above-mentioned means sequentially, and performs the R/W to a 
storage means etc., and an above-mentioned storage means to memorize information required for the 
above-mentioned processing. 

[Claim 8] Certificate application information acceptance equipment according to claim 6 or 7 
characterized by having a means to verify the justification from the extra sensitive information which 
shows this human nature in the above-mentioned certificate application information if the above- 
mentioned signature verification is passed, and a means to publish the certificate according to the 
application information if verification of the justification is passed. 
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1. This document has been translated by computer. So the translation may not reflect the original 
precisely. 

2. **** shows the word which can not be translated. 
3.1n the drawings, any words are not translated. 



DETAILED DESCRIPTION 



[Detailed Description of the Invention] 
[0001] 

[Field of the Invention] This invention relates to the method of applying for an electronic certificate, 
verifying this using a telecommunication system, a computer, etc., and publishing a certificate, and its 
equipment. 
[0002] 

[Description of the Prior Art] It is possible to acquire various kinds of electronic intelligence, such as 
various program data and data of various databases. In this case, using the public key in a receipt and 
its certificate, a data feeder enciphers supply data, and offers the certificate in which it is shown that it 
is his thing of a public key, and it enables it to decode that supplied encryption data with the private key 
which only that user holds secretly so that the data to supply may not be acquired by the 3rd person. 
[0003] in order to have such a certificate published and to check this human nature of a certificate 
applicant in the former — him in off-line — the need of attesting existed, therefore, automation and 
increase in efficiency are restricted and the processing takes ****** in **, and cost, trustworthy him to 
whom security was secured, without having solved the above problems and revealing individual humanity 
news — the technique in which authentication is realized is not established. 
[0004] 

[Problem(s) to be Solved by the Invention] him in off-line — while it has the same safety as 
authentication — him — it is offering the method of realizing increase in efficiency and real time-ization 
of certificate application / issue processing by online-izing of authentication, and its equipment, him in 
the online in a certificate application and issue although the above-mentioned conventional technique 
also described — the technique which realized authentication is not established. 

[0005] In order to perform he authentication, it is necessary to show the information (or object) which 
only he cannot have, the electronic world — him — although a digital signature method exists as a 
technique for realizing authentication, a digital signature method is realized on the credit of a key. It is 
difficult to attest this human nature of those who do not hold the key by which the credit was carried 
out. therefore, the time of receiving the credit of a key for the first time with the conventional technique 

— him in off-line — authentication was needed and the problem existed in a cost side, convenience, etc. 
Although what is necessary is just to show the information which only he cannot know to the partner 
who wants to receive authentication in order to attest this human nature on-line from the condition that 
the credit of a key is not carried out, the threat of the information being revealed to a third person 
exists in that case, if the information which only he cannot know can transmit where security is secured 

— him in online — authentication also becomes possible. 

[0006] The purpose of this invention offers the certificate issue approach that a certificate applicant 
and a certificate publisher can carry out certificate application / issue processing efficiently on-line. 
Another purpose of this invention is to offer the certificate issue approach that a certificate issue 
engine system can be carried out by low cost. Still more nearly another purpose of this invention is to 
offer the certificate issue approach that safe certificate issue processing which eliminated the threat of 
spoofing by the third person can be carried out. 
[0007] 

[Means for Solving the Problem] Transmission and reception of the information for attesting are enabled, 
the certificate issue approach of this invention introduces the new concept of a disposable key — 
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insurance — him — The information to which a certificate applicant cannot know only an applicant to a 
certificate publisher, for example, he, is the member of credit finance. In the condition that the credit of 
a key is not carried out by showing insurance the name of the credit number which only he and a credit 
firm cannot know, and him, the address, etc., authentication of this positive human nature in online is 
guaranteed, and operation of positive certificate issue is enabled. 

[0008] Processing of the certificate issue approach is carried out at the following steps. 
Step 1: Generally a certificate applicant inputs certificate application information including the 
information which only he cannot know to certificate application equipment. 

Step 2: Certificate application equipment generates a disposable key and performs security-ization of 
certificate application information using it. 

Step 3: Certificate application equipment sends the above-mentioned disposable key, the disposable 
public key information that a pair is made, and the information security-ized at step 2 to certificate 
application acceptance equipment. 

Step 4: Certificate application acceptance equipment verifies the information security-ized using 
disposable public key information, and sends a verification result to certificate issue equipment. 
Step 5: Certificate issue equipment opts for the handling of certificate application information according 
to a verification result. 

Step 6: Certificate issue equipment publishes a certificate, when the justification of certificate 
application information is checked, and issue of a certificate is not performed when justification cannot 
be checked. 

Step 7: Certificate issue equipment notifies the result of certificate issue procedure to an applicant. 
[0009] 

[Embodiment of the Invention] Hereafter, the example of this invention is explained in detail using a 
drawing. The example of the system configuration by which the approach of this invention is applied to 
drawing 1 is shown. Using certificate application equipment 11, a certificate applicant makes certificate 
application information and sends to the certificate application acceptance equipment 14 in the 
certificate authority equipment 13 connected by the communication line 12. Certificate application 
acceptance equipment 14 verifies receipt information, and sends the verification result and certificate 
application information to certificate issue equipment 15. Certificate issue equipment 15 sends the 
verification result and the result of having responded to verification of certificate application information 
to certificate application equipment 1 1 through a communication line 1 2. 

[0010] The example of a functional configuration of certificate application equipment 1 1 is shown in 
drawing 2 . To the application information generation section 21, the key generation section 22 for a 
signature, the key generation section 23 for delivery, the common key generation section 24, the 
encryption key generation section 25, the signature section 26, the encryption sections 27 and 28, the 
public key transmit information generation section 29, the bond part 31 that combines the information 
which should be sent out, and the exterior, information It consists of input means 36, such as a 
keyboard which inputs the control section 35 which controls the transmitting section 32 which transmits, 
the receive section 33 which receives the information from the outside, the storage section 34 which 
memorizes various information, and each part sequentially, or performs the R/W to the storage section 
34, various information, a command, etc., etc. These are usually constituted by the microprocessor etc. 
[001 1] Each example of a functional configuration of certificate application acceptance equipment 14 
and certificate issue equipment 15 is shown in drawing 3 . With certificate application acceptance 
equipment 14, the receive section 41 which receives the information from the outside, the division 
section 42 which divides the received information, the key generation section 43 for delivery, the 
common key generation section 44, the decryption sections 45 and 46, the signature verification section 
47, the storage section 48 that memorizes various information, and each part are controlled sequentially, 
or it has the control section 49 which performs the R/W to the storage section 48 etc. 
[0012] Certificate issue equipment 15 is equipped with the justification verification section 51, the 
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certificate issue section 52, and the transmitting section 53 that sends out information to the exterior. 
When certificate application acceptance equipment 14 and certificate issue equipment 15 are separated 
regarding the place, information is prepared for **, the transmitting section which carries out a carrier, 
and a receive section in between [ these ], respectively. Next, the procedure of a certificate application 
is explained with reference to drawing 2 thru/or drawing 4 . The certificate application receiving set 14 
which the certificate applicant operated certificate application equipment 11, charged the disposable 
public key Ep2 for key delivery to the certificate application receiving set 14, and received this claim 
The disposable private key Es2 for delivery and a public key Ep2 are generated in the key generation 
section 43 for delivery, and while storing temporarily the private key Es2 in the storage section 48, it 
sends to certificate application equipment 11 through the transmitting section 53 of certificate issue 
equipment 15. Certificate application equipment 11 stores temporarily the disposable public key Ep2 for 
delivery of the received certificate application acceptance equipment 14 in the storage section 34. these 
keys Es2 and Ep2 for key delivery — dispersion — a logarithm, — it is used for a system unsymmetrical 
key cipher system. 

[0013] previously — certificate application equipment 1 1 — actuation of an applicant — a basis — **** 
and user information — The certificate application information CRI which consists of user key 
information etc. is built in the application information generation section 21 (S1). A private key Es1 and a 
public key Ep1 are generated in the key generation section 23 for delivery as a disposable key for key 
delivery (S2) f and a private key Ss1 and a public key Sp1 are generated in the key generation section 22 
for a signature as a disposable key for digital signatures (S3). The key in a factorization-in-prime- 
numbers system unsymmetrical key cipher system and the key in other cipher systems are sufficient as 
these disposable keys Ss1 and Sp1 for a signature. 

[0014] The information (for example, credit code) as which the confidentiality which shows this human 
nature is required is also included in the certificate application information CRI. The disposable key for 
key delivery has the following relation. 
Ep1=Es1andG [p] 

G [p] is a open parameter here, that is, this key — dispersion — a logarithm — it is used for a system 
unsymmetrical key cipher system. 

[0015] Certificate application equipment 11 uses a private key Ss1 for the certificate application 
information CRI, performs electronic signature in the signature section 26, and generates digital office 
naming certificate application information CRI-S (S4). On the other hand, it is the encryption key 
generation section 25 to the key Er for encryption. It generates at random (S5) f and it enciphers in the 
encryption section 27 to certificate application information CRI-S with a signature using this, and 
security-ized certificate application information CRI-S-E is generated (S6). 

[001 6] moreover, the object for key delivery — share key SK=Es-1 and Ep-2 are generated in the 
common key generation section 24 using public key Ep-2 of disposable private key Es-1 and certificate 
application acceptance equipment 14 (S7). This share key SK has the relation between SK=Es~2 and 
Ep-1. This share key SK is used and it is the key Er for encryption at the encryption section 28. It 
enciphers and encryption information Er-E of an encryption key is obtained (S8). 

[0017] The public key transmit information DPI for throwing away containing public key Sp-1 and Ep-1 
is generated in the public key transmit information generation section 29 (S9). This information DPI is 
good at mere bit-connecting DPI=Sp-1 ||Ep-1 of Sp-1 and Ep-1. Bit connecting of DPI is carried out to 
CRI-S-E and Er-E by the bond part 31, the certificate application demand information SCRI is 
generated (S10), and this application demand information SCRI is transmitted to certificate application 
acceptance equipment 14 from the transmitting section 32 (S1 1). 

[0018] The application demand information SCRI fills the following relational expression. 
SCRI=DPl||CRI-S-E||Er-E =DPl||(enc (Er:CRI-S)) || (enc (SK:Er)) 
= DPl||(enc (Er:sig (Ss-1:CRI))) || (enc (SK:Er)) 

|| means connection here, it means that enc (A:B) enciphers B using Key A, and sig (A:B) means carrying 
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out signature grant of the B using Key A. 

The certificate application acceptance equipment / issue equipment operations sequence concerning 
one example of invention of certificate verification / ****** are shown in drawing 5 . 
[0019] Certificate application acceptance equipment 14 divides into DPI, CRI-S-E, and Er-E the 
application demand information SCRI received in the receive section 41 in the division section 41 (S1). 
Spl and EpI are obtained from the DPI. the object for encryption of the Sp-1 and certificate application 
acceptance equipment 14 — the share key SK is generated in the share key generation section 44 using 
private key Ss-2 (S2). That is, SK=Es2 and Ep1 are calculated in the share key generation section 44. 
The share key SK generated with certificate application acceptance equipment 14 and the share key SK 
generated with certificate application equipment 11 are the same. 

[0020] Er-E is decrypted in the decryption section 45 using the generated share key SK, and it is the 
encryption key Er. It obtains (S3). The encryption key Er CRI-S-E is decrypted in the decryption section 
46, and CRI-S is obtained (S4). CRI-S is verified using Sp1 in DPI in the signature verification section 
47 (S5). When the verification result is unusual, since existence of threats, such as an alteration, is clear, 
the purport that certificate registration was stopped and registration was un-completing is shown to 
certificate application equipment 1 1 through the transmitting section 53 from the certificate issue 
section 52 (S6). 

[0021] When the justification of CRI is guaranteed by the signature verification result, the information as 
which the confidentiality which shows this human nature is demanded, for example, a credit number, is 
acquired from CRI, and this human nature is checked in the justification verification section 51 using the 
information (S7). It is got blocked, for example, confirms whether to be what he has [ the credit 
number ]. When this human nature is checked, a certificate is published in the certificate issue section 
52, and the transmitting section 53 shows certificate application equipment 1 1 the purport which 
certificate issue processing ended normally (S8). When this human nature cannot be checked, the 
purport to which certificate issue processing was stopped and certificate issue was not carried out is 
shown to certificate application equipment 1 1 through the transmitting section 53 in the certificate issue 
section 52 (S6). 

[0022] It sets to **** and is the encryption key Er. Although it was made to generate at random and 
certificate application information signature CRI-S was enciphered, as a broken line shows in drawing 2 , 
it is this encryption key Er. CRI-S may be instead enciphered with the share key SK. In this case, the 
encryption key generation section 25 and the encryption section 28 are omitted by drawing 2 , therefore 
CRI-S-E and DPI are seen off in certificate application acceptance equipment 14, and Er~E is omitted. 
The decryption to CRI-S-E is performed in the decryption section 46 by the share key SK which the 
decryption section 45 was omitted with certificate application acceptance equipment 14, and was 
generated in the share key generation section 44. Certificate application acceptance equipment may 
serve as certificate issue equipment in ****. 
[0023] 

[Effect of the Invention] As stated above, in this invention, reservation of security is realized to the 
guarantee of this human nature by introducing the new concept of a disposable key by including the 
extra sensitive information which shows this human nature which only he can know again in certificate 
application information. Furthermore, the burden of certificate application equipment and certificate 
issue equipment is also mitigated, and there is also little system cost about certificate issue processing. 
[0024] Moreover, the threat of spoofing by the third person is prevented and safe certificate issue 
processing can be realized. 
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DESCRIPTION OF DRAWINGS 



[Brief Description of the Drawings] 

[Drawing 1] The block diagram showing the example of the structure of a system to which this invention 
approach is applied. 

[Drawing 2] The block diagram showing the functional configuration of the example of the certificate 
application equipment by this invention. 

[Drawing 3] The block diagram showing the functional configuration of the example of the certificate 
application acceptance equipment by this invention. 

[Drawing 4] The flow chart showing the example of the operations sequence of the certificate 
application equipment shown in drawing 2 . 

[Drawing 5] The flow chart showing the example of the operations sequence of the certificate 
application acceptance equipment shown in drawing 3 . 

[Translation done.] 
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[M 3 ] ±E«6V^T«tt(B«*tlk****»«l«P 



(2) 

2 

±EttHJ#TttWtttlMHtt, ±E«E2lffl«^»T^Bi 
•t£«fctf±E7^5^l'»*JBffil>»T&H«T»0. 
±E*E2iffltt^«T»ffitt£±EiE91»*ll33S* 
©«E£JB&MI*£m>T#*r*&£j£U 
±EKM»*BM»«©-fe+3. U ^ <tit, ±E8E?Ji»* 

T^y^m^fr^. AO, £©»*ttK"H»*aiH& 

±B&H»*«*©*IE£ffltt^£T4ilB*£-*©SE9i 
»3aS«©«ffi£fl!»ffi*£m»T##«££jSU 

■*©#*r*n?±E-t * a 'J x ftaiEBj* * mmm&m^ 

iWbffl flt £ 7 > ^ A £fi&T s t , 
30 ±fi*E2!ffl©£^»T©»fctt£H91»*»a£S« 

©«Eaffl4i»wi*ffl^T*3fir«*^'r«*a:t. 

±ESE9l»*lll1t«£±E'7 f >r 5?^;U««ffl«^»T» 

±tBx * s?^ )vm& as. ®9 * »««*±Ei«^k*T?- 
.^b»t*£#*#8£. 

mt, ±E«E2lffl«t>»T4iH«li:e±EaEW»*a« 

sasat^asflrrs^at, 

±E#*ft*«*«ias-&«:o. iBts^©(c*f-r-5St*- 
#*&££?ts safest'. 
±E«iafc^sft«*ftEii-r*±EE«^at, 

fat. 



#5 Ba^p 1 1 -231 776 



3 

*at. 

x&mm t temm z z> ^a t , 

±EK9!» * Wit $6 £ ±Bx -C v 5 * JB & ^itS 

#fb bT-te+i U f--MbKH»*MW«*£J*-r*^R 
t. 

±flE-t*i 'J 5V <bffi91»*»««£. ±125^ v^Jl- 

t & ±&mnm $ iff gw&w^mm-r -s ^a t , 

±EfflSfc&Rfc1iMi*fitrr*-tEE*^a£. 

at, 

jvm&mm^mT&fflmt, mmmmm^mx^mmt 

±E*#«T±E*^snfciiSf^{btt«*sa^bu 

TBt^{bii^f#?.^at» 

±E«f^b«T±E-fe*a 'J T--Mb8E9I» 
fftLTr-f S>*;U¥*ttKW»*MH9«*»**a 

±Ex*5>*;i'*&ttffi»»*ailW««. iEf^fi' 

±E##a*)H*«ias-&. E*^a^©«*»#fc£ 

Sfr3M»#a£. 

±EJBatifcS^«*SE1fr*±EE1t#ad:. • 
* * HEW** B^a^Bo 

w*S7] ttE»ffl»«*££fifc-r**a£. 

at, 

E3ifflfit^ttT^H«tt»«-r*^at. 

±E»««i±E«E£flitt^£T&B8*liSm*T# 

ftbT^-f j?^jm*(*KM»*B9««*»*^at, 

±E5*-r^^;m*#IEtfi»*iSttf«*. ±.V&7<(i?9 



(3) 

-rs^at. 

±B&*a*iei5Wffl«3ii\ Bii^a'Nca***;*^ 

^fT3©jn^a<t, 

±E«ii!fc^£ft:«a&E1t-r4±EE1t#ai:, 
[W*«8 3 ±E***ttK:'&*'r*t. ±EHEW» 

SETS^at, 

io ffiiw»^%fT-r?)^a«t^«i^^^i^#mt-r^w* 

« 6 X(4 7 Btt©lE91ft$a!W$£9&n. 

[0 0 0 1 ] 

[0 0 0 2] 

tt&„ ^©«^$&T^x-^^3#(CJ;D^t#$n 
&^±5t£, ^M^W^AWfeWT^-S^t^^-rSEB^ 
»*7*-^«t«&#**SSD, -€-©IEM«rt©4iHttSffl 
^T«^x-^^Bt^bbTJf«b, -tCfJfli*©*** 

»asK«»r*»isitT?-t©«*&anfc«iF^Yb5*-^* 

[0 0 0 3] Cl©J:3ftKiH»£ffifT LTfcSpKte, 
fl6*fc*^Ttt. EW»#»*©*Att©*BStT'5fc 

30 ^-©fci*, a 1Mb • swsfbtffflissn. fojait^s 

lt, «AiiMB£tim-*£££<'t*:i , j^!W*# 
snfc«**:*ABiE**suTt»4S«ttaatanT 

[0 0 0 4] 

II ©£:£&£ WL&;5S£>. *A^.giE©^->5-r> 
{bfc«fcftfflEW»*W • 3Bf?8lJi©3&*fb • •JTJ^'f A 

fc££3iT*#ft&tfiE-©siisflHft"f s uiTSs. 
40 ±je©fie*a«T? ! bEjiEi/it* t , aEw»*» • fm\z& 

X^fc^. 

[0 0 0 5] *ABK*ff *ALA^%i 
#T*AigSE^HS-r^fca6©SWt Ltr-i v^Mi 

**ita«Sffi-r436*7*> 3?^;u*4&*iCH*i©-%-fS©± 

®tbXm<D J 3-tS$:%tf2>mz*y7'1 >T©*AigiISr 
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5 

ft. m<D^m&2ftT^ti.^Vifl&frt>*>y-1 >T*#A 
14 SrlSflT #A Vfrftl 0 *.&<^tf 3g£|gliE£§ 

*cDflr #a o 

[0 0 0 6] u«SS©IKlH 8E9!»*tt*i:l£9i# 

mztftjj&zm m-t % z. t ess. 

[0 0 0 7] 

[0008] mmwtt&<D^mmxv<D7.y-v-7°T" 
xt- y 7i : mmm^m^itmmm^m&mizMv, - 

«Ktt*AL/*»»t)»atr»«*6fftriEW»*»ffif*Sr 30 

-r «e ^ wx'jmmm * wf«^2Tt*a'jf<ffti 
^^^^5 : aEM#56ff8«tt*aE*s*t:i6i;. mm « 

[0 0 0 9] 



£1981 2T«ttSn&BIEJ9SBl 3 F^OTBEWft^iS 
gaS«14KSI*. E«e$S*£9SBl 4ttS(B19 
*£*IIU -f-©*KIS*tliEW»*ai**Sii«l»5fi 

ffsm 5^si*. KawafTSB 1 5«. *v>mM& 
2sai;TffiM»#»s«i i^su>. 

[0 0 10] B2£KBJJff$fl!gBl 1 ©IMBfllJSfcl* 

ffl#M^2 3, 2 4 , fflf*§fl2*£j*«2 

5, g££B2 6. g§ft«2 7i 2 8, &Hil2t<iffi*8 

*^*«*2im-r4S«»3 2, fl-«*»s©w*&s« 

t^§«S3 3, £««**Btrr*etta53 4. #gB 

— K 3^ 3 6fc<h*<fc0fc5. zm^teffl 

[ o o 1 1 ] ei 3 izmmm^m^mmm 1 4 , s 

14TJ4. ^W35»6ffl««*S«T*SfllS4 1. g« 

$nAc1«$8^^t>Jf -5#tra4 2, SBjMffli!£fi£gB4 
3, #illl£j&g|$4 4. «^<ftgB4 5, 4 6, g£^SE 
354 7 , ^affiF4B«Gtt-r«IBttffi4 8. ftff£JS£ffi!l 

[0012] BEHftftfrSB 1 5 telE^tt&fiESB 5 1 , 

t.tmmm\zmnx^^m^\t. ztizmxmmzm. 

75SH4*#flgL/TKW»*IIIO#«tlftWr*. K9i 

«*WAia, iiBj#$iisfigs i 4tc*fL, ttse^ffl 

«E^JtT4iBlltE p 2 £SEBJ»$MgS 1 1 £jftf£L 
T. W#L, C©«#SSttfcBEBJ«*l«S«S«l 4 
tt* ESIffl«4rit«4 3fcTlB2lfflttirJ»T»*«E s 
2, 4iH«Ep2*^J«b, -C-OfiHtftlE s 2 tEttiaB 

5 3*^UTiiEW»*»S«l l^SlS. fiEK#^I»S 
SI lttSftbfcffiW»*WfSSg1tl 4©EIfflfiH 

^T^MIlEp 2?:fB1igK3 4{C-B#fB1g-r«). 
EitfflliE s 2 , E p 2 «Ktt^liC«#^iR:ttlt#^^: 

[0013] 9b\z* mnm^m&w.i ia*si#o»f^ 

#*»«f*CR IS#»*«*Klta5 2 (S 
1) . -«ffi3!ffig^»T*iLT«HB«E s 1 ai&Mft 
Ep l*E3lM«*«ffl2 3T*J«l/ (S2) , x-r-^ 
^;U**fflffi^»»T«|tbT»fB«IS s 1 £&H«S p 

1 ^S^ffl^^fi£g|5 2 2TtsKt5 (S3). :of« 
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7 

jiittmrcfcs si, s p i itmm^mmm^mm 

[0 0 14] SE9W$Wt»$BCR I fctt*Att**-f* 
E p 1 =E s 1 • G [p] 

I^TG [p] «&H^7*-*T»«. ^soioi 
-5. 

[0 0 15] SKifMStl 1 tttE9§«$aifffifttCR 

i cms s 1 £m>TS£gB2 6T"«^?££rr 
x-r^*^«*ttffiE»*H*«CR I -SfifiiE 

-T-5 (S4) . -#R&^b«±J««2 5*»&l**Mb/B« 
Er £5>^A(;i£/5£b (S5) , ^nS:I^Tt*# 
E9i»*WflMSCR I -Sfc»l/lS^fti{|2 7TBS^b 
*fT^-t*3.'J7--<'fbttEM»*»*«CR I -S-E«r 
^fiTtS (S 6) o * 

SCRI=DPI II C R I — S — E | 
= DP I || (e n c (Er 

(e n c (SK : Er ) ) 
= DP I || (e n c (Er 
(e n c (SK : Er ) ) 
|| tea&££S*U enc (A:B)ttBSr, tt 

Azm^Twsmfrrzzt&mvkis. sis (a : b) 



[0 0 1 9] iE0J»*ISSiig«l 4«S«gK4 ITS so 
ttttttfc#»B#W*SCR ISDPIiCRl-S- 
EtEr -EtKSMNBIU « (SI) „ ■€■© 

DPI^eSpItEpI £#5. ^WS P - 1 iffEBJ 

»*W3S£Bi 4©ie^bffl»?&*s s -2^mx 
*^r«isK**«rtt*j«fflJ4 4T*riE-r* (S2) . -z> 

£0;&Wf$£fiJ£gB4 4T-teSK=E s 2 • E p 1 
tSEBJ»*WSei lt4slESnfc**tSKttH-T 

[0 0 2 0] £j*l>fc#=fMiSK£fl!t>TEr -E&tt 40 
JffbfflU 5T«*»{b*fT^. «F^b*Er Sf»* (S 
3) . ^©Pg^fb^Er KiOCR I -S-ESttt^-fb 

6Tl^tLTCR I -S*»* (S4) . 
gIEB154 7TDP I cpOSp l&fflHTCRI - S CD&SE 
£rr? (S5) , *©«BE*S***a*T*<&«^, 

»BfTffi5.2±D«ra8B5 3*ai;Tffi3S"r* (s 

6) . 

[0 0 2 1] »«*ffiie*K«kOCR I©iEatt«»«fiE so 



* [0 0 16] Sfc«||B2lfflfi[^»T8fffi*Es- 1 tBE 
W»#*SISI1 4®4iM«Ep-2*fflt»T*ait 
£]««2 4T?#W«SK = E s - 1 • Ep-2^«t 
-5 (S 7) . :©MiSKttSK=E s -2 • Ep- 
H«D*3fiTJ|SK&ffl^T«f^{b 
2 8TPg^{b/BSIEr &«WfcUTrtHt{bli©WF*»ft: 
f*Er -E*»* (S 8) . 

[0 0 17] &HMtSp - 1 £Ep - 1 SiSrtTfcHtT 
A!&BB*3lf8flMliDP I &£Mtt2!{Bffirtii£ji!cffi2 9T 
^1"^> (S 9) . ^©1*$SDP IttSp-ltEp- 
1 <DW.tS.Z> h'-y h^DP I = S p - 1 HEp-lTJ: 
l>„ CRI-S-EiEr -EtDPI ££*§-&gB3 1 
Tt'7 MS^UT|IM«*»S*««SCR I ££j£L 

(sio) . io*ig*«is cr i &u*mmt ! §: 
isii 4\zmmnz 2*^Mt^ (sid . 

[0018] * ffigJStff $S S C R I tt£JlTOH«SC«r«» 

I Er -E 
CRI-S) ) || 

sig (S s - 1 : CR I ) ) ) || 

sti4i^. cr ia»s#Atts*-r«!6ttaiE3fcan 

K:«tD*Att©?xy^SiEatt«K»5 lT?fr5 (S 
7) „ OSD^JAtf-?-©^ Uv'y h#^-^'*A^WT-5 
t>©T?***»©f : xy^SfT'5. *Att*«flM§*nfc» 
EW»©*ffSIEW»*fT«5 2Tff^. iEttfcBE 
H»»fT»SjWK7L&e*ffi9!»*ai£1I 1 1 l~i£ff 
g)5 5 3 id J: OJi^-T-S (S8) . *A14^S!gT#7i^ 

$»sai i icji^Ts (s 6) . 

[0 0 2 2] ±JfiK*l»Ttt«f^bltEr ^7>^AfC 
SS^3-&.TEM»*W*«**CR I -SSflHWbLfc 
**, E2 4'T®i£§!T^T<fc5l;:£<DRf^bf$Er o#0 
iC^ffltSKTCR I -SSBt^-fbLTfeit^ £CD* 

H 2 TttJMfctt^jfcW 2 5 , «F^fl;« 2 8 
Sn, ^oTtiEBJ!»*WSSgei 4^1CR I -S- 

EtDPi**ai6n. Er -E««n§$n^>. mwm% 
nsisti 4T?«a^<bBB4 5*<#«an, 

$3$ 4 4 -p£ fifc £ ntcPi^m SKH<tt3 «^{bB& 4 6 T 
CR I -S-Efctt-rsfc^btffffcn*. ±j£K*l> 

[0 0 2 3] 

CD***»D»**Att**"r*««f«ftBM»*»«* 
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[0 0 2 4] Sfc. fB=#KJ:*ttOrSb©#lRSBI5 
[HiB<Z)ffi¥tt8Ull] 

[01] cofsw^^jifflsns^x^Acwjswt 



10 

[12] £0£91lCJ:&aEi»#ifW£B<Z>iftKtt0m£ 

[S3] ~<Dmw\z£z>mwm$m§:mgiW<DmMm<D 

[04] H2fc*LfcEM»*WS«o»fP#)H<D«aj* 

[0 5 ] 0 3 H*bfc8EM»*i9Sa8«©»^)BO 

^J5r^-Tsfitn0„ 
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